Role & Permission Management - Companies

We have 165 companies in our Navision 3.01 non SQL database. I have few clercks, who only supposed to have access to 160 companies. Is there a way to NOT give them the appropriate permission to these companies only? Another words, the typical approach would be to give them access to 160 companies (ROLE1 - Company 1, ROLE1 - Company 2, etc). This could be a lengthy procedure. Can I set up something like: ROLE1 - <>Company 77? Thank you.

Hello Denis, Unfortunately you cannot put <>Company 77. You will have to put in the company name and insert a record for each. You could write a report to create the permissions and put in code to exclude the 5 companies that you do not wish them to be able to access. Incidentally there is now a tool for configuring permissions for 3.70. Unfortunately it isn’t a standard feature of the product, but is a set of objects that came out on a 3.70 tool CD that was released with 3.70 in the UK. you might be able to get this from your NSC or MBS-US. These do make life easier. By the way, be very, very careful when changing the Company field in the Member Of table. I knew one end user who once intended to remove the value in the ‘Company’ field in a record in the Member Of table. However, instead of just highlighting the value in the field and deleting, he accidentally drilled down through the field into the company table and deleted it there and zapped one of his live companies! [xx(]

Dear Edward, thanks for your reply. I took my time and set it up “the classic way”. By the way, when you want to restrict somebody is it recommnded that you restrict that user from TABLE or FORM?

Hi Denis, I suggest that you follow the Navision “standard” permission setup, all users have access to all forms, reports and codeunits and you control the access setting the respective permissions on the tabladata (read, write, modify, etc.) Saludos Nils

Thank you Nils, will follow your advice. However, there are few cases where it will create a problem: example - Bank Card. You do not an AP clerk to change a posting groups for the bank (as well as other info), but if you remove the right to Modify Bank Account Table, she won’t be able to process any checks… That’s why I limited them so they can’t even open Form 373 - Bank Account Posting Groups.

Denis, there is also an “indirect” right to a table, meaning that the user can not modify the table directly (using a form) but only using special objects which have full permission to this very table. This usually applies to ledger tables and the corresponding posting routines. I do not know about processing checks, but I’d be surprised if it had not been implemented in this way, too.